GnuPG is an implementation of OpenPGP standard.
People use it for public-private key encryption.
It is one of the tools that Edward Snowden used to uncover the secrets of the NSA.

GnuPG is a complex tool.
I will only show you how to use it for file encryption without using keys.
And i will show some configuration files to make commands more simple.

I assume you know how to use a Unix console and have Homebrew package manager installed.

First you should install GnuPG withHomebrew:

brew install gnupg

This will install GnuPG version 2.2.19 (or later)

Check installation:

gpg --version

You should be able to see something like this:

gpg (GnuPG) 2.2.19libgcrypt 1.8.5Copyright (C) 2019 Free Software Foundation, Inc.License GPLv3+: GNU GPL version 3 or later <https://gnu.org/licenses/gpl.html>This is free software: you are free to change and redistribute it.There is NO WARRANTY, to the extent permitted by law.

Now we can use GnuPG.

I have a text file namedtest.txt.
It contains this text:

this is a test file

To encrypttest.txt file i will use this command:

gpg -c --armor --cipher-algo AES256 --no-symkey-cache --output test.asc test.txt

This command will ask you a password and create an encrypted version oftest.txt file and save astest.asc file.

Command explanation:

-c means use symmetric cipher so you will enter a password for that file.
--armor is for a readable ascii output so you can easily copy/paste it.
--cipher-algo AES256 is for using AES-256 cipher. (U.S. government using it so why not)
--no-symkey-cache means GnuPG will not remember password. If you don't enter this--decrypt command won't ask your passphrase.
--output test.asc means save encrypted file astest.asc

Now i havetest.asc (encryptedtest.txt).
It contains this text:

-----BEGIN PGP MESSAGE-----jA0ECQMCFBL2lERVNBzj0kwBXxdKtTQSCu4aHyiP93EfUjqYX+Qsp6sWAF+RHUMWrqjQiLMSlSrxnBxG0E+qfoTmN+26Qb0qd9XAY7S3OTQTfi6XyvjjrNr0yiJ9=r3J6-----END PGP MESSAGE-----

As you can see it is readable but meaningless.
This is because of the--armor option we added to the command.

To decrypttest.asc file i will use this command:

gpg --decrypt --no-symkey-cache --output test1.txt test.asc

This command will ask you the password you used and if it is correct it will create a decrypted file astest1.txt.

Now i havetest1.txt.
It contains this text:

this is a test file

Configuration Files

There are some configuration files im using.
I will show you how to create these files.
These configuration files are not neccessary but they are shortening the commands i use everyday.

GnuPG creates a folder for itself.
It is normally in your$HOME folder named.gnupg.
It contains caches, your keyrings, your configuration files.
So go there and create a file namedgpg.conf.(if it doesn't exists)

Write these ingpg.conf:

armorpersonal-cipher-preferences AES256verboseuse-embedded-filename

Save it.

Now create another configuration file namedgpg-agent.conf.(gpg-agent comes with gnupg installation)

Write these ingpg-agent.conf:

default-cache-ttl 0max-cache-ttl 0disable-scdaemon

default-cache-ttl 0 andmax-cache-ttl 0 disables password cache.disable-scdaemon disables smart card daemon program. Smart Card program starts automatically whenevergpg-agent starts. I don't use smart cards so i'm disabling it.

Save it.

Now actually you should restart yourgpg-agent program manually.

Kill it with this command:

gpgconf --kill gpg-agent

It will launch automatically when you callgpg.
If it doesn't you can run this command to launch it:

gpgconf --launch gpg-agent

Anyway now we don't need to add any options. We can simply run our command like this:

gpg -c test.txt

This command will automatically create a file namedtest.txt.asc withcipher aes-256, also inascii format and won't remember thepassword.

To decrypt it simply enter this command:

gpg -d test.txt.asc

It will create a decrypted file astext.txt.

This is one of the many ways to use GnuPG.
As i said before it does so much more.
You can look for more info here atGnuPG